Check with your OS vendor for patches. Check with your service providers to make sure they've patched. Be extremely cautious about trusting https for protection unless you can confirm the service you're using is not vulnerable.

You should also examine any dependent software that uses OpenSSL as a dependency. That includes rbenv and ruby-build. If you've built Ruby 2.0.0 or later with rbenv/ruby-build, you will need to rebuild your Ruby.

That said, since this is a memory disclosure vulnerability, there could be secondary exposure of any in-memory data on affected servers that are exposed to the internet. So once you have the primary problem patched and are sure no more information can be leaked, think carefully about potentially compromised data:

SSL certificate private keys

Session tokens

Passwords

etc., etc., etc.

And to reiterate what Nathan said: THIS IS VERY VERY SERIOUS. HIT THE BIG RED BUTTON, DROP EVERYTHING ELSE ON YOUR PLATE, AND FIX IT NOW.

You should also examine any dependent software that uses OpenSSL as a dependency. That includes rbenv and ruby-build. If you've built Ruby 2.0.0 or later with rbenv/ruby-build, you will need to rebuild your Ruby.

So there's no impact for earlier Rubies, like 1.9.3? Do you know if RVM would be a problem?

I can't answer for RVM specifically, but, if you run ruby -r openssl -e 'puts OpenSSL::OPENSSL_VERSION' however you're running an MRI or otherwise C-backed Ruby (notably not JRuby), and you see anything like OpenSSL 1.0.1 through 1.0.1f, you need to 1) upgrade to OpenSSL 1.0.1g and 2) rebuild your ruby.

Yesterday, I effectively rebuilt everything I'd built on my laptop with homebrew because I had a vulnerable version.

NB: If you use Maverick's default install of Ruby 2.0.0p247, you are safe. It uses OpenSSL 0.9.8y